(as of June 2019 2018)
End of Term
|Mr. Ram Panda, Chair, ex officio||[06/30/2021]|
|Prof. Suzanne Fortier, Principal and Vice-Chancellor, ex officio||[06/30/2021]|
|Mr. Alan Desnoyers||[06/30/2021]|
|Professor David Harpp||[06/30/2021]|
|Mr. Ehab Lotayef||[06/30/2021]|
|Mr. Nikulas Dworek||[05/31/2020]|
|Ms. Samira Sakhia||[06/30/2021]|
|Mr. Howard Stotland||[06/30/2021]|
|Ms. Martine Turcotte||[06/30/2021]|
|Mr. Pierre Turcotte||[06/30/2021]|
Prof. Yves Beauchamp, Vice-Principal (Administration and Finance)
Prof. Christopher Manfredi, Provost and Vice-Principal (Academic)
Sectretary & Governance Advisor
Ms. Edyta Rogowska, Secretary-General
Terms of Reference of the Information Technology (IT) Committee
The Information Technology (“IT”) Committee (“Committee”) is established under the authority of, and is accountable to the Board of Governors (the “Board”) of McGill University (the “University”). It shall function as stipulated in these terms of reference and the Regulations of the Committees of the Board of Governors of McGill University (the “Regulations”). In accordance with the Regulations, meetings of the Committee shall be held in closed session unless the Committee resolves to carry out a meeting or part of a meeting in open session.
a) Members shall be appointed to the Committee on the basis of their expertise in information technology and related fields.
b) Other than ex-officio members, appointments to the Committee are approved by the Board, normally on the recommendation of the Nominating, Governance and Ethics Committee.
c) The Committee shall consist of seven to nine members, exclusive of ex officio members, selected, as indicated below, from among the following categories of membership:
- Three from among:
- At-large members (at least one);
- Governors Emeriti
- Alumni Association members;
- one member from the Academic Staff or Senate representatives on the Board
- one member from the Administrative and Support Staff members on the Board
- one student member from among the Board members or Board observers
- at least one and up to three members of the general public with expertise in information technology, cyber security, or a related field.
d) The Chair of the Board and the Principal shall serve as ex officio members of the Committee.
e) The Chair of the Committee shall be appointed by the Board from among the Committee members, normally on the recommendation of the Nominating, Governance and Ethics Committee.
f) The Committee may recommend to the Nominating, Governance and Ethics Committee the appointment of a Vice-Chair of the Committee.
g) The Vice-Principal (Administration and Finance) shall serve as the Senior Steward to the Committee.
h) The Secretary-General or delegate shall serve as Secretary and governance advisor to the Committee.
i) The Provost and Vice-Principal (Academic) shall serve as special advisor to the Committee.
j) Where necessary or appropriate to facilitate and support the business of the Committee, the Senior Steward or Secretary may invite University staff to serve as resource persons for particular items of business before the Committee at a meeting.
2. Mandate of the Committee
Subject to the Policy on the Approval of Contracts and Designation of Signing Authority, the Committee assists and advises the Board of Governors in fulfilling governance responsibilities with respect to information technology projects. The Committee also assists the Board with establishing strategic plans, principles and policies relevant to information technology. Among the items considered by the Committee are those responding to recommendations of Internal Audit or Enterprise Risk Management.
Without limiting the generality of the foregoing, the Committee shall:
2.1 Functions delegated by the Board of Governors
a) Review and approve IT-related projects and technology architecture initiatives, including educational software platforms, which require approval by the Committee pursuant to the Policy on the Approval of Contracts and Designation of Signing Authority. In considering such projects and initiatives, the Committee shall assess risk areas, including but not limited to:
- data quality and data governance
- privacy and protection of personal information
- data security and information technology system controls
- disaster and recovery planning
- financial, reputational, compliance risks
- sustainability considerations
- project and system implementation risks
b) Ensure that sources of funding for IT-related projects and initiatives are clearly identified and assured.
c) Receive and review, at least annually, a report on planned IT-related projects and initiatives, including their projected budget, sources of funding and projected expenditures.
d) Receive, at least bi-annually, a report on Committee and Board approved projects and initiatives and review their financial and completion status.
e) Receive and review, at least annually, a report on IT projects and initiatives approved by the Principal or the Vice-Principal (Administration and Finance) pursuant to their respective authorities under the Policy on Approval of Contracts and Designation of Signing Authority.
f) Receive and review, at least annually, a report on information technology security, including cyber security.
g) Receive and review, at least annually, a report on institutional data and information management practices, systems and controls.
h) Consider any matters identified by the Board, the Principal or the Vice-Principal (Administration and Finance) that relate to IT planning and development.
i) Periodically invite University units or committees to report on matters regarding IT planning and development and stewardship.
2.2 Functions subject to the approval of the Board of Governors
a) Review and recommend to the Board for approval, IT-related projects and technology architecture initiatives, including educational software platforms, which require approval by the Board pursuant to the Policy on the Approval of Contracts and Designation of Signing Authority.
b) Review and recommend to the Board for approval, strategic plans, principles and policies relevant to information technology, including but not limited to information technology management and data governance.
3. General Provisions
The Committee shall meet at least three times a year. The Committee shall have a calendar of business, maintained by the Secretary-General or delegate, for purposes of ensuring that each meeting agenda addresses responsibilities as outlined in these terms of reference.
The Committee shall report to the Board on a regular basis, and within a reasonable time following the Committee meeting.
The Committee shall review its terms of reference at least once every five years and recommend any changes to the Nominating, Governance and Ethics Committee.
Board of Governors October 4, 2018